Log in


Categories » ‘Alerts’

April fool? No an AdWords scam!

Categories: AdWords Alerts
April 3rd, 2010 by Pete

Happy Easter to all,
Don’t fall victim to this April Fool scam claiming your AdWords account has stopped.
The email even offers help to get them running again and even improving their performance – how generous!
dwords email scam Click to view enlarged image

The email link takes the visitor to http://adwords.google-sn.com domain (remaining URL details removed to protect readers)

http://whois.domaintools.com shows the domain was registered the same day the email was sent, and presumably the details are false otherwise I’m sure Ms Eva O’Brien will be hearing from Google shortly:

Domain Name………. google-sn.com
Creation Date…….. 2010-04-01
Registration Date…. 2010-04-01
Expiry Date………. 2011-04-01
Organisation Name…. Eva O’Brien
Organisation Address. 13343 Mount Castle Dr.
Organisation Address.
Organisation Address. Farmers Branch
Organisation Address. 75234
Organisation Address. TX
Organisation Address. UNITED STATES

Tags:
No Comments »

Website hacking on the rise

Categories: Alerts Tales from the trenches WebMasters Tools
September 11th, 2009 by Pete

(Republished from Sept Succinct Update)

I’ve encountered several ‘hacked’ websites recently and thought it was important to alert you to this disturbing trend.

The two forms of web site hacks I’ve encountered are those flagged by Google and a more furtive cloaked hack.

Flagged publicly by Google
This embarrassing alert is shown to visitors if Google determines your site has been hacked
Google-virus-warning

I’m sure you agree that this is enough to scare off any prospective client, and so is commercially very damaging. Google displays this message if it determines your site has a connection with a known ‘malware site’.

Malware means malicious software, and these sites use devious software to attack security vulnerabilities in your PC when you visit the site. The Google Online Security blog shows that reported malware sites have doubled in 2009 to over 300,000!

Although embarrassing, Google’s message possibly avoids a costly litigious situation should a website visitor have their computer systems compromised and loose business as a result.

BTW Google will also freeze your AdWords advertising campaigns if your site is assessed as associated with malware.

Your website’s ability to promote your business comes to a grinding halt.

Cloaked hacking
Possibly more sinister because you don’t know your website has been compromised, these hacks use your site as a ‘link farm’.

The hackers add links from your site to their target sites to help improve the ranking of their sites. Read more about the value of links here.

The infected sites I’ve stumbled over have links to extreme anti-social and/or sexually explicit sites. Apart from draining your Google PageRank, the links in this case are thankfully not visible to your visitors, but are visible to search engines.
Consequently your site runs the risk of reduced search ranking because as Google advises in its website guidelines:

“…avoid links to web spammers or “bad neighborhoods” on the web, as your own ranking may be affected adversely by those links…”

So these apparently benign links can seriously erode your website’s search ranking.

Am I hacked ?
The most important aspect of this for business owners is how to detect and resolve any of this type of activity before clients or your business is exposed to any risk.

Google’s Safe Browsing Diagnostic provides a quick and easy test to to assess the current status of your site:
www.google.com/safebrowsing/diagnostic?site=

De-hacking your site
If you find there is an issue with your site contact your web developer immediately to address it.

Normally the fix is technically simple; either removing the bad code or overwriting your published website with your offline backup
You do have an offline backup of you website haven’t you?

Declaring ‘All Clear’
You could sit and wait patiently for Google to finally decide that you have eradicated the hack, but during this time your site continues to scare off new and existing customers.

Google WebMasters Tools provides a reconsideration lodgement facility to formally advise Google you have removed the hack. I note also that Bing now has a similar process.

You will need to register your site with Google WebMasters which itself may require assistance your web developer and/or an internet marketer.
It all takes time but eventually you will get the business stealing alert message removed.

Hack Prevention
How can you prevent hacks? There is no simple answer; hackers are increasingly more sophisticated but here is a guide:

• Keep your PC’s virus and spam software up to date
• Change passwords regularly
• Store your website’s access details in a secure location
• Keep off-line backups of your site
• Monitor activity in your site
• Visit your own site occasionally

Summary
The internet provides global exposure to prospective customers as well as villains. Be vigilant and stay informed.

You can subscribe to the Succinct Update here

6 Comments »

Undercover Spam: "I visited your website and found…"

Categories: Alerts Tales from the trenches
May 28th, 2009 by Pete

A number of people have contacted me to seek advice after receiving an email typically starting with I visited your website and found it did not rank for <insert apparently relevant keywords here>.

The email finishes with an offer to get your website ranking in Google.

Client’s initial reactions are that this was a genuine pro-active service provided by the sender, and they felt some obligation to contact them and seriously consider their offer.

The harsh reality is that some software found your site, tested it against potentially irrelevant keywords and then composed and sent you that email.

There’s no caring proactive professional business person behind this; just a spammer using software to try to trick you into contacting them.

Yes, its  spam email masquerading as a proactive service from an allegedly reputable business.

The human(s) responsible are unlikely to actually know of your business; and probably don’t even know that their software sent it to you until of course you contact them.

Do a Google search and you will find that this spam has even been sent to Google themselves claiming to be able to help them improve ranking for  their website !

I think the WebWise blog best sums this up with a quote from Google:   ”reserve the same skepticism for unsolicited email about search engines as you do for ‘burn fat at night’ diet pills or requests to help transfer funds from deposed dictators.”

Tags:
No Comments »

Asian domain scam ?

Categories: Alerts
August 1st, 2008 by Pete

Recently a client queried an email claiming to alert them that another party was trying to register ‘their’ internet domain in Asia.

See email 1 below (Client information removed for privacy)

On face value this appears to be a valuable service, and the administrator’s initial response was of interest, and they referred it to me for a second opinion.

As this client was actively involved in business in Asia they rightly felt this may be an important piece of information for their Asian online presence.

On reading the email I was suspicious (aren’t you ?!) but the website appears as a legitimate Asian domain registrar, and they are not asking for money – not at that stage anyway.

« More »

2 Comments »

*Warning* AdWords ‘phishing’ continues

Categories: AdWords Alerts Tales from the trenches phishing
June 18th, 2008 by Pete

Please be aware that I’m still regularly hearing reports of people who have received AdWords ‘phishing’ emails.

These appear to be genuine communications from Google asking you to renew your AdWords account or update your AdWords payment details, but are in fact scams cleverly designed to steal your credit card details.

You can identify the bogus emails by carefully rolling your mouse over the link in the email to view the popup tooltip; then carefully examine the domain details.

The phishing emails typically link to a Chinese domain which is dot cn (i.e. .cn) rather than the domain it appears to be.

Please be vigilant and under no circumstances enter your credit card details. If you do, then contact your bank immediately to freeze your credit card.

If you receive a phishing email, forward it to phishing@google.com so the folks at Google can do something about stopping these thieves.

If you are in doubt about your AdWords account’s status you can check it online. Once your AdWords account is established, the only time you should have to re-enter payment details is when your credit card expires.

If in doubt, don’t click.

No Comments »

*Warning* AdWords payment details phishing

Categories: AdWords Alerts phishing
March 31st, 2008 by Pete

A client fortunately queried this email with me and my trusty McAfee virus protection software flagged it as ‘phishing’.  It is a scam email cloaked as a Google AdWords payment alert trying to steal your credit card details.

The email link to update your payment details actually goes to a Chinese site and not Google: http://adwords.google.com.r4oik.cn/select/Login/

There has been some other recent reports of similar phishing scams on the Search Engine Round Table blog.

The email certainly looks legitimate and so anyone could be easily decieved. 

I strongly recommend that you ensure your internet security software is up to date and capable of detecting ‘phishing’ emails.

 After contacting Google AdWords support they asked that phishing emails be forwarded to phishing@google.com

5 April Update More phishing emails relating  to Adwords
Ive recieved a couple of these today:

Dear AdWords Customer,

As part of our ongoing efforts to improve the Google AdWords programme for advertisers and users,
we have updated our Terms and Conditions.

Please review the new Terms and Conditions below, then indicate your acceptance.

Yes, I accept the Terms and Conditions. <– this link leads to a Chinese site not to Google Adwords

No Comments »